/srv/irclogs.ubuntu.com/2009/03/20/#ubuntu-classroom.txt

bodhi_zazenProbably one at at time for guests00:00
Rocket2DMnack im fighting with someone00:00
Nano_ext3we are all fighting lolz00:00
Nano_ext3can I type something everyone?00:00
Nano_ext3:)00:00
bodhi_zazenI can see everyone has hit the wall :)00:01
Rocket2DMni should customize my terminal like bodhi_zazen has00:01
Rocket2DMnis that a bash thing?00:01
jimi_hendrixbodhi_zazen, what programs are those00:01
bodhi_zazenOK, lets get this show on the wall00:01
bodhi_zazen:)00:01
Nano_ext3haha00:01
WastePotato\o/00:01
bodhi_zazenFirst , thank you everyone for coming to this session00:01
rraj_bebodhi_zazen: sorry for intrupting,   when i tried it , its giving like "Enter passphrase for key '/home/raj/.ssh/ufbt-guest':"00:01
Snovarraj_be: "padawan"00:02
jimi_hendrixbodhi_zazen, whats tha shell00:02
bodhi_zazenLet me assure you , the beginners team put me up to this00:02
rraj_bek Snova00:02
jimi_hendrixive heard zsh but not jailzsh00:02
Snovajimi_hendrix: A jailed Zsh. :)00:02
jimi_hendrixwhich is?00:02
bodhi_zazenit is a shell I make for apparmor jimi_hendrix00:02
bodhi_zazenit is zsh00:02
SnovaZsh, in a restricted environment.00:02
jimi_hendrixahh00:02
jimi_hendrixdid you edit it or something00:02
jimi_hendrixedit the source*00:02
WastePotato:(00:02
SnovaNo, that's what AppArmor is for.00:03
bodhi_zazenThe intention is to raise awareness of security and so here we are :)00:03
jimi_hendrixok00:03
* jimi_hendrix raises hand00:03
bodhi_zazenWhat do people want me to cover, what questions do you have ?00:03
* jimi_hendrix raises hand00:03
rraj_beSnova:  Enter passphrase for key '/home/raj/.ssh/ufbt-guest':00:03
bodhi_zazengo jimi_hendrix :)00:03
rraj_bePermission denied (publickey).00:03
Nano_ext3show how to implement profiles00:03
bodhi_zazenrraj_be: padawan00:03
Nano_ext3http://paste.ubuntu.com/133993/00:03
jimi_hendrixbodhi_zazen, i dual boot windows and ubuntu00:03
jimi_hendrixdo i need an antivirus on ubuntu00:03
rraj_beok bodhi_zazen00:03
Nano_ext3jimi_hendrix: hahah no00:04
Nano_ext3this is for user control00:04
Nano_ext3security on a server if you may00:04
bodhi_zazensomeone help rraj_be in a private window or on ##beginenrs-help00:04
bodhi_zazenOK, antivirus first then :)00:04
bodhi_zazenyou will get varied opinions00:04
* jimi_hendrix uses AVG on windows00:04
bodhi_zazenIMO antivirus is best used on your windows boxes00:05
Nano_ext3Agreed00:05
bodhi_zazenIMO Linux antivirus is best on file or mail servers00:05
Nano_ext3things that need the security00:05
bodhi_zazenIMO scanning your Linux desktop with antivirus will yield lots fo false positives00:05
jimi_hendrixwhat about a webserver00:05
Nano_ext3for desktop , not an issue really00:05
* jimi_hendrix is thinking of setting up a webserver00:05
Nano_ext3yes on a webserver I would say00:05
Rocket2DMnbodhi_zazen, if you need a place to start the discussion, why dont you briefly explain some of the tools you use to enhance security in linux (apparmor, iptables, ossec, snort, etc).  e.g. in one sentence each, what do they do?00:05
Nano_ext3anything that deals with heavy user traffic00:06
bodhi_zazengood idea Rocket2DMn :)00:06
Nano_ext3yea00:06
bodhi_zazenThe linux tools are a bit different00:06
bodhi_zazenand linux is modular ...00:06
bodhi_zazenThe first line of defense is, of course, permissions00:06
bodhi_zazensudo vs su ?00:06
Nano_ext3yea00:06
jimi_hendrixsudo runs one command su changes your user00:07
bodhi_zazensu gives all or none root access00:07
Rocket2DMn(or other user access)00:07
bodhi_zazensudo allows finer control00:07
bodhi_zazensudo -i for a root shell00:07
bodhi_zazenNext a firewall00:07
bodhi_zazenfirewall are also full of opinions00:07
bodhi_zazenIn general, you should use a router as a router has a firewall built in00:08
Nano_ext3thats how I do it00:08
bodhi_zazena default install of ubuntu has no servers listening, so the default settings behind a router are just fine00:08
Nano_ext3Not versed in linux firewalls yet00:08
bodhi_zazenIf you wish to user  a firewall, to set up your own router (NAT) or limit connections, teh firewall is iptables00:09
jimi_hendrixwhat about firestarter?00:09
bodhi_zazeniptables can be configured with commands, a  script, ufw, or a gui tool such as GUFW, Guraddog, firestarter, shorewall, etc00:09
bodhi_zazenguraddog has very nice built in help00:10
bodhi_zazenthe gui tools are not the firewall, only config tools00:10
bodhi_zazenOpen them, config iptables, close them00:10
Nano_ext3think router access list , but on the OS itself via iptables00:10
bodhi_zazenI advise you NOT use Firestarter to monitor your network traffic00:10
bodhi_zazenNext , everyone know the terms HIDS / NIDS ?00:11
Nano_ext3no00:11
bodhi_zazenhttp://en.wikipedia.org/wiki/Intrusion-detection_system00:11
bodhi_zazenhttp://en.wikipedia.org/wiki/Host-based_intrusion_detection_system00:11
bodhi_zazenhttp://en.wikipedia.org/wiki/Network_intrusion_detection_system00:12
bodhi_zazenOK, HIDS, most new users are familiar with say Windows antivirus scanners00:12
bodhi_zazenThis is a HIDS00:12
Nano_ext3k00:12
bodhi_zazenso is rkhunter and chkrootkit00:12
bodhi_zazenas is OSSEC, tripwire, etc00:12
bodhi_zazenuse these tools to monitor your system for unauthorizzed changes00:13
bodhi_zazenrkhunter and chkrootkit have a bunch of flase positives, learn what they are00:13
duanedesigndo you recommend running chkrootkit from a usb device00:13
bodhi_zazenand what a "normal" sustem is00:13
bodhi_zazenduanedesign: I do not think it matters really00:14
bodhi_zazenThe point is, you can not monitor your system for changes if you do not know what normal is00:14
bodhi_zazenYou will get alerts when you say install new software as well, or change a config file00:14
bodhi_zazenNext NIDS00:15
bodhi_zazenNIDS is sophisticated and even the geekiest will find this hard00:15
bodhi_zazenYou need to understand basic networking protocols, tcp, udp, ping, etc00:16
bodhi_zazenTools include snort and wireshark00:16
* jimi_hendrix tried wireshark one to sniff some packets i was sending00:16
Nano_ext3ive take Cisco CCNA, and Id still have enormous trouble with that00:16
Nano_ext3wireshark I have used00:16
* jimi_hendrix 's head blew up00:16
bodhi_zazenthese tools are "packte sniffers" and will montior your network traffic00:16
Nano_ext3I reccomend wireshark00:17
bodhi_zazensnort will user a set of rules to identify potentially problematic activity, although lots of false positives00:17
bodhi_zazenwireshark will monitor the raw packets00:17
bodhi_zazenin a nut shell00:17
bodhi_zazenNext line of defense - SELinux / Apparmor00:18
Nano_ext3:)00:18
jimi_hendrixSELinux != distro right00:18
SnovaNo, it's a security framework built into the kernel.00:18
Nano_ext3no00:18
Nano_ext3to jimi00:18
Nano_ext3security monitor00:18
bodhi_zazenThese are very powerful tools and these are the first tools that can protect you against unknown exploits and Zero day exploits00:18
bodhi_zazenThese tools can limit even root00:18
Nano_ext3zero day?00:18
SnovaSecurity exploits, on the day they are found, before they are patched.00:19
bodhi_zazenhttp://en.wikipedia.org/wiki/Zero-Day_Attack00:19
bodhi_zazenUbuntu uses Apparmor, but it needs to be configured00:19
bodhi_zazenMost people find apparmor easy to understand00:19
bodhi_zazenThe point, IMO, of apparmor is to "confine" any network applications00:20
bodhi_zazensuch as firefox, thunderbird, etc00:20
bodhi_zazenyou limit what they can do on your os00:20
bodhi_zazenyou can also limit a users shell, as I will show you on the shared ssh session00:20
Nano_ext3cool00:20
lovinglinuxcan be used with torrent applications?00:20
SnovaAnything.00:21
bodhi_zazenIMO SELINUX and Apparmor are mis characterized as "overkill"00:21
bodhi_zazenlovinglinux: yes00:21
bodhi_zazenI am collecting apparmor profiles here : http://bodhizazen.net/aa-profiles/00:21
lovinglinuxSo if someone exploit a vunerability on my torrent client, then Apparmor can prevent it from achieving success?00:21
bodhi_zazenI have a profile for rtorrent00:21
Snovalovinglinux: AppArmor can prevent it from accomplishing anything by restricting access to the filesystem, which is mostly the same thing.00:22
bodhi_zazenIf anyone is willing to contribute, send me your profiles ( bodhi.zazen @ ubuntu.com)00:22
bodhi_zazenand I will post them as well00:22
Nano_ext3i will have time this weeked to learn it bodhi00:22
lovinglinuxdo you know a good tutorial for apparmor?00:22
Nano_ext3bodhi link him your thread00:22
Nano_ext3:)00:22
bodhi_zazen /end long winded security drive by00:22
* jimi_hendrix puts away machine gun00:23
bodhi_zazenLinks are here : http://paste.ubuntu.com/133993/00:23
lovinglinuxthanks00:23
SnovaAppArmor introduction: http://ubuntuforums.org/showthread.php?t=100890600:23
bodhi_zazenOK , with that background, questions please ?00:23
SnovaOh, didn't notice the links at the bottom of that..00:23
bodhi_zazenOr do you want to see what the shared session can do ?00:23
bodhi_zazenie live demo ?00:23
* jimi_hendrix raises hand00:24
bodhi_zazengo jimi_hendrix :)00:24
jimi_hendrixif i am running a webserver (linux of course...well maybe a *BSD)...and its just pages with html, what am i at risk for00:24
bodhi_zazenapache attacks, php attacks, and DOS are the major ones00:25
bodhi_zazenThe damage depends on the attack00:25
bodhi_zazenI have seen php code that takes you cookies for example (think passwords for web sites)00:26
bodhi_zazenIf a crack allows "arbitrary code" think an intruder then has root access00:26
lovinglinuxDo I need to create apparmor profiles for all applications that connect to network or just for those that listen to ports?00:26
bodhi_zazenmany attacks then use your box to attack others, send spam, spoof ip, what have you00:26
bodhi_zazenIMO lovinglinux all apps that access the internet00:27
jimi_hendrixbodhi_zazen, i said just html, no php00:27
bodhi_zazenalthough as you can see I do not yet have profiles for all apps yet00:27
bodhi_zazenjimi_hendrix: LAMP == Linux apache Mysql and PHP so I included it in the broader discussion00:28
jimi_hendrixok00:28
bodhi_zazenWant to see a demo ?00:28
jimi_hendrixyes00:28
bodhi_zazenOn the ssh session ?00:28
Nano_ext3yeps00:28
bodhi_zazenOK00:28
bodhi_zazenanyone need assistance connecting via ssh ?00:29
bodhi_zazenok, the guru account has root access00:29
bodhi_zazenas you can see00:29
bodhi_zazenthe guru account can install applications00:30
Traveler15164yeah, i keep getting the Permission denied (publickey) error00:30
bodhi_zazen:)00:30
bodhi_zazensomeone help Traveler15164 please :)00:30
lovinglinuxsorry, I know how to use ssh, but don't which server I'm supposed to connect00:30
bodhi_zazenI will wait and answer questions00:30
bodhi_zazenyou need the key00:31
bodhi_zazenthen ssh guest@bodhizazen.net -i ~/.ssh/ufbt-guest00:31
bodhi_zazenpw = padawan00:31
Nano_ext3http://paste.ubuntu.com/133993/00:31
Nano_ext3follow exactly00:31
Nano_ext3verbatim00:31
bodhi_zazenhttp://paste.ubuntu.com/133993/00:31
Nano_ext3via terminal00:31
bodhi_zazenfor keys00:31
Nano_ext3beat you to it :)00:31
bodhi_zazenany other questions while we are waiting00:31
bodhi_zazen?00:31
bodhi_zazenchickens, all questions are welcome :)00:32
bodhi_zazenyou in Traveler15164 ?00:33
bodhi_zazenlovinglinux: ?00:33
Traveler15164nope00:33
bodhi_zazenTraveler15164: what do you need help with ?00:33
bodhi_zazendo you have the key ?00:33
lovinglinuxjust a second00:33
Traveler15164yes00:33
bodhi_zazendo you know how to use it ?00:33
Traveler15164i got it and placed it in a new empty file?00:34
Traveler15164named ufbt-guest and chmod 400 on that00:34
SnovaStick it in ~/.ssh00:34
Traveler15164it is00:34
bodhi_zazenok00:34
Snovassh guest@bodhizazen.net -i ~/.ssh/ufbt-guest00:34
Nano_ext3you have to place that text in ~/.ssh/ufbt-guest00:34
Nano_ext3and then chmod 400 on that file00:34
Nano_ext3its all in the paste link00:35
Nano_ext3http://paste.ubuntu.com/133993/00:35
lovinglinuxThe authenticity of host xxxxxxxxxxx can't be established.00:35
Traveler15164i'll redo it all to make sure00:35
bodhi_zazenlol lovinglinux00:35
Snovalovinglinux: That's normal, just confirm it.00:35
bodhi_zazensay yes :)00:35
bodhi_zazenTraveler15164: cd .ssh00:36
lovinglinuxlol, stupid me00:36
bodhi_zazenrm ufbt-guest00:36
bodhi_zazenwget http://bodhizazen.net/beginners/ufbt-guest00:36
bodhi_zazenchmod 400 ufbt00:36
Rocket2DMnyou may have to "ssh bodhizazen.net" first and accept the fingerprint00:36
bodhi_zazenssh guest@bodhizazen.net -i ./ufbt-guest00:36
Rocket2DMnthen just ctrl-c without doing any authentication00:36
Rocket2DMnthen do the ssh command above to use the key00:37
lovinglinuxConnection closed by xxxxxxxxx00:37
Rocket2DMni found if you use the key without having the fingerprint cached, it doesnt give you the option to store it and it aborts00:37
bodhi_zazenthanks Rocket2DMn00:38
bodhi_zazenTraveler15164: you in ?00:38
Traveler15164redoing it worked00:38
bodhi_zazenlovinglinux: ?00:38
Traveler15164strange00:38
bodhi_zazenOK, so ...00:38
bodhi_zazenas you can see we are root :)00:38
lovinglinuxOK, I am in00:38
Nano_ext3yay!00:38
bodhi_zazenas you can see, we started a new shell00:38
* Nano_ext3 runs around in circles with streamers00:39
bodhi_zazenguru was jailzsh00:39
bodhi_zazenroot is bash00:39
bodhi_zazenbut the apparmor confinement follows us00:39
bodhi_zazenso ...00:39
bodhi_zazenFirst I am limiting root with iptables ...00:39
bodhi_zazensorry for the typo :(00:40
bodhi_zazenas you can see, root can ping google , but not my lan00:40
jimi_hendrixback00:40
bodhi_zazenso lets stop iptables :)00:40
bodhi_zazenOH NO00:41
bodhi_zazenPermission denied00:41
jimi_hendrixsudo it!00:41
HalowHe's root....00:41
jimi_hendrix(i know)00:41
Rocket2DMntab complete fail00:41
bodhi_zazenok ..00:41
bodhi_zazenlets mess with the settings a little00:42
bodhi_zazenfoiled again :)00:42
bodhi_zazenLets try this ::)00:42
bodhi_zazen:)00:43
Halow:O00:44
SnovaOk, so the AppArmor restrictions followed you from jailzsh to root's Bash?00:44
bodhi_zazenso you can see, although root can install apps, access to critical system files is restricted00:44
jimi_hendrixr00t has uber fail?00:44
bodhi_zazenyes Snova00:44
bodhi_zazenWe can start a new shell if we wish00:44
Rocket2DMnMy head just exploded.00:45
Nano_ext3ugh gotta run, sorry guys00:45
bodhi_zazenso ..00:45
Nano_ext3have to head home for work tommorow :(00:45
Rocket2DMnnow bodhi_zazen , do these restrictions apply only when using sudo to access root?  What if you had a try root login, like "su -" ?00:45
SnovaBye Nano_ext3.00:45
Nano_ext3laters :(00:45
bodhi_zazenany process you start is confined by apparmor00:45
bodhi_zazenthe restrictions follow you00:45
Nano_ext3ill read more on aa this weekend00:45
Nano_ext3def00:46
Nano_ext3laters00:46
bodhi_zazenno Rocket, watch00:46
bodhi_zazensee, we are now guru again ?00:46
bodhi_zazenguru is given jailzsh as a default shell00:46
bodhi_zazenjailzsh in an apparmor profile and I think I can show it to you00:47
bodhi_zazenThere it is ...00:47
lovinglinuxThat's it? Looks simple.00:47
bodhi_zazenthat was jail bash00:47
bodhi_zazenjailbash is from jdong00:48
bodhi_zazenposted here :00:48
bodhi_zazenhttp://bodhizazen.net/aa-profiles/jdong/ubuntu-8.04/usr.local.bin.jailbash00:48
bodhi_zazenand yes, it is simple00:48
lovinglinuxI'm gonna try this00:49
bodhi_zazenI am restricting access to jailzsh as it is a fair amount more permissive then jailbash00:49
bodhi_zazenanything else you want to see in the shared session ?00:49
bodhi_zazenplease, other security questions ?00:50
jimi_hendrixbodhi_zazen, is it possible to secure a windows server?00:50
bodhi_zazenyes, of course00:50
Rocket2DMnahh hardened windows servers :)00:51
lovinglinuxI have one stupid question at http://ubuntuforums.org/showthread.php?t=110077800:51
bodhi_zazenAgain, I am collecting aa profiles here : http://bodhizazen.net/aa-profiles/00:51
bodhi_zazendownload them, try them out, and if you wish send me your modifications and I will post them for others00:51
bodhi_zazenlovinglinux: in a nut shell, no your router is not ipv600:52
bodhi_zazenmost people disable ipv600:52
jimi_hendrixRocket2DMn, is it possible then?00:53
bodhi_zazenip providers hate ipv6 because ipv6 makes them obsolete as an ip provider00:53
bodhi_zazenthey would need to provide the physical layer howerver00:53
Rocket2DMnyes jimi_hendrix you can lock down windows servers00:53
lovinglinuxbodhi_zazen:  so just leave ipv6 alone right? No need for iptables rules?00:53
bodhi_zazenyes, or you can disable it if you wish00:53
lovinglinuxbodhi_zazen:  thanks00:53
bodhi_zazensome people think their box runs faster if they disable it00:54
bodhi_zazennp00:54
bodhi_zazenplease, I have been ranting, questions, questions :)00:54
jimi_hendrixwhat is the average airspeed of a swallow00:54
lovinglinuxis there an alternative for intrusion detection without using MySQL?00:54
bodhi_zazenyes lovinglinux00:55
bodhi_zazenyou can use snort + barnyard00:55
lovinglinuxI will look into that. Thanks00:56
bodhi_zazenlovinglinux: http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1255683_tax307468,00.html00:56
bodhi_zazenalthough that may use mysql, and if so, my mistake00:57
ds305quit Thanks bodhi00:57
jgoguenlol :)00:57
lovinglinuxI have another question. Please wait because I have a inflamed finger, so I need time to type.00:58
bodhi_zazengo lovinglinux00:58
bodhi_zazenWell, we are close to the hour00:58
bodhi_zazenWatch, if I close the screen session you all are disconnected :)00:59
bodhi_zazen>:)00:59
SnovaOh, like that? ;)00:59
bodhi_zazenJust like that00:59
lovinglinuxI have an iptables rule to accept established connection. If I have a client listening to a port, but no other ports opened, is it possible for someone already connected to my client to establish connections on other ports?00:59
bodhi_zazenThe guest account can not connect without a session running00:59
bodhi_zazenif you try you will be blacklisted after a few attempts00:59
bodhi_zazenhard to follow lovinglinux01:00
lovinglinuxbodhi_zazen: maybe is just my paranoia01:00
bodhi_zazenIf your client is cracked and you are droping new connections I do not think normally the client could establish a new connection on a new port01:01
bodhi_zazenI guess they could use the established connection and leverage additional exploits01:01
lovinglinuxbodhi_zazen: through the same port?01:02
bodhi_zazenWell, thank you everyone, it is 7 so we are "oficially" over, although I will be available for say 10-15 minutes01:02
bodhi_zazenthen I have to go to my family01:02
duanedesignaawesome!!! thank you01:02
bodhi_zazenin theory lovinglinux01:02
HalowYes, thank you!01:02
bodhi_zazensince the connection is established ...01:03
lovinglinuxThank you very much. Really nice experience, specially the shared ssh session.01:03
bodhi_zazenyou are most welcome everyone01:03
duanedesignapplause01:03
bodhi_zazenthe beginners team is going to run additional sessions01:03
bodhi_zazenand the shared ssh session is available to anyone willing to teach01:03
bodhi_zazenI have found the shared ssh session is a very effective demo for apparmor and iptables , lol01:04
bodhi_zazenwb k0001 :)01:05
lovinglinuxbodhi_zazen:  what do you think about UPnP?01:05
bodhi_zazenNot a lot01:05
bodhi_zazenAgain, we all like convienience01:05
k0001bodhi_zazen: hwllo01:05
bodhi_zazenbut we all hate it when we are cracked, lol01:05
lovinglinuxlol01:05
bodhi_zazenso it is nice (off UPnP) for our flash drives to auto mount01:06
bodhi_zazenbut not so nice when a malignant code the uses this to automatically start it's evil work ;)01:06
bodhi_zazensecurity and convenience == yin and yang and we must bring balance to the force01:07
bodhi_zazenit is just that the balance point is dependent on sphincter tone, :p01:08
lovinglinuxlol01:08
bodhi_zazenIf anyone is interested in topics or teaching sessions, please let me know01:08
lovinglinuxdo I need to keep your key for further sessions?01:08
bodhi_zazenI shall try to run a session every other week at this time with varied topics01:09
bodhi_zazenI am sorry to have such limited times, I wish I could vary it more, but I have a family so this works best01:09
duanedesignthat is much appreciated01:09
bodhi_zazenyes lovinglinux01:09
duanedesign:)01:10
lovinglinuxwhat time is there right now and what time it starts?01:10
bodhi_zazenI hope that the sessions are logged and posted in classroom01:10
bodhi_zazenIt is just past 7 PM local time for me01:10
bodhi_zazenSessions will start at 6 pm local time01:10
lovinglinuxOk, great01:11
bodhi_zazenand if anyone has a topic, add it to the list01:11
bodhi_zazenI think we do another security session in 2 weeks01:11
=== k00011 is now known as k0001
bodhi_zazenand after that I have been asked to cover permissions01:11
lovinglinuxpermissions will be nice01:11
linuxwarrioris the session on 26th will be the same as this one ?01:12
bodhi_zazenAdd your topic here : https://wiki.ubuntu.com/BeginnersTeam/FocusGroups/Education/Proposals01:12
bodhi_zazenput my name in as the instructor01:12
bodhi_zazenand I will add them here : https://wiki.ubuntu.com/BeginnersTeam/FocusGroups/Education/Events01:13
bodhi_zazenlinuxwarrior: same topic01:13
bodhi_zazenHopefully different questions :)01:13
bodhi_zazenI hope people will try iptables, apparmor, etc and bring questions01:13
SnovaHmm... I could probably help with a few of those.01:13
linuxwarriorok ;)01:14
bodhi_zazenhttp://bodhizazen.net/Tutorials/iptables/01:14
bodhi_zazenI posted a number of links here : http://paste.ubuntu.com/133993/01:14
Traveler15164what i don't get is i can genprof firefox and play around with it, then do the scan and it doesn't really add that much to the profile01:14
bodhi_zazenno Traveler1516401:14
bodhi_zazenThat is the problem with apparmor, you will need to emulate a profile or make your own01:15
bodhi_zazenfirefox is not the best to start because it is large01:15
bodhi_zazenStart with say xchat01:15
bodhi_zazenor your irc client01:15
bodhi_zazenand then go to firefox01:15
bodhi_zazensudo aa-enforce xchat01:15
bodhi_zazenthen01:15
lovinglinuxIs there a requirement for classes to be related with system configuration or can they be about how to use a specific kind of program, like multimedia for example?01:15
bodhi_zazentail -F /var/log/messages01:16
bodhi_zazenopen xchat and watch and resolve errors01:16
bodhi_zazenlovinglinux: topics are open01:16
bodhi_zazenwe (the beginners team) is here to educate and we really want to grow this service and cover topics of interest to the community01:17
bodhi_zazenWe hope to add things like Moodle01:17
bodhi_zazenhttp://fmc.isgreat.org/Ubuntu_Classroom/index.html01:17
bodhi_zazenso we can develop more formal content01:17
bodhi_zazenbut ...01:17
Traveler15164iif you put just enough in the firefox profile to allow firefox to start up, then it lets you view or change anything in that session but the settings or cache isn't saved, correct?01:17
bodhi_zazenwe are in the beginning phases01:17
Traveler15164sorta like a sandboxing app01:17
bodhi_zazenyes, I think Traveler1516401:18
lovinglinuxSo maybe I could help with some stuff, like how to organize image collections using IPTC, EXIF and so on. I will think about it.01:18
bodhi_zazenIf you change (edit) the profile, you need to restart both apparmor and firefox for the effects to take place01:18
Traveler15164ok01:18
bodhi_zazenno always firefox, but it does not hurt01:18
bodhi_zazenSometimes you also need to clear your cache on firefox as well01:19
bodhi_zazenlovinglinux: any help you can offer would be awesome01:19
bodhi_zazensome team members help with content01:19
bodhi_zazenothers teach01:19
bodhi_zazensome do nothing01:19
bodhi_zazen:)01:19
lovinglinuxlol01:19
bodhi_zazenit is a team effort and we are all volunteers01:19
bodhi_zazenthe main limiting factor , of course, is my time01:20
bodhi_zazenI rely on the focus groups to help01:20
bodhi_zazenOK, I gotta go01:20
bodhi_zazenreally, thank you all for coming01:20
bodhi_zazenand lets see if we can continue and extend these sessions01:20
HalowThanks again. :)01:21
bodhi_zazenwe need both helpers and an audience :)01:21
lovinglinuxbodhi_zazen:  thanks again01:21
bodhi_zazenPM me on the forms or come on by #ubuntuforums-beginners :)01:21
lovinglinuxcya01:21
bodhi_zazenyou are all most welcome Halow lovinglinux and everyone really01:21
bodhi_zazenit was fun, I hope I did not rant on too long01:22
bodhi_zazenc ya01:22
Traveler15164thank you, bye01:24
linuxwarriorthx bye01:24
=== ampelbein is now known as Ampelbein
=== k00011 is now known as k0001
=== Ampelbein is now known as ampelbein
=== noodles775 is now known as noodles775-afk
=== noodles775-afk is now known as noodles775
=== ampelbein is now known as Ampelbein
=== Ampelbein is now known as ampelbein
=== ampelbein is now known as goodkarma
=== goodkarma is now known as Ampelbein
=== Ampelbein is now known as ampelbein
=== Pici is now known as newnick
=== newnick is now known as Pici
=== ampelbein is now known as Ampelbein
=== Ampelbein is now known as ampelbein
=== ampelbein is now known as Ampelbein
=== Ampelbein is now known as ampelbein
=== bigimole is now known as ibuclaw

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!